Total
28982 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-0213 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 10.0 HIGH | N/A |
libnsl in Solaris allowed an attacker to perform a denial of service of rpcbind. | |||||
CVE-2000-0516 | 1 Intel | 1 Shiva Access Manager | 2024-02-28 | 7.2 HIGH | N/A |
When configured to store configuration information in an LDAP directory, Shiva Access Manager 5.0.0 stores the root DN (Distinguished Name) name and password in cleartext in a file that is world readable, which allows local users to compromise the LDAP server. | |||||
CVE-2004-1413 | 1 Kayako | 1 Esupport | 2024-02-28 | 5.0 MEDIUM | N/A |
Multiple SQL injection vulnerabilities in Kayako eSupport 2.x allow remote attackers to execute arbitrary SQL commands via the (1) subcat, (2) rate, (3) questiondetails, (4) ticketkey22, (5) email22 parameters to index.php, or (6) the e-mail field of the Forgot Key feature. | |||||
CVE-1999-1203 | 1 Ascend | 1 Multilink Ppp For Isdn | 2024-02-28 | 5.0 MEDIUM | N/A |
Multilink PPP for ISDN dialup users in Ascend before 4.6 allows remote attackers to cause a denial of service via a spoofed endpoint identifier. | |||||
CVE-1999-0145 | 1 Eric Allman | 1 Sendmail | 2024-02-28 | 7.2 HIGH | N/A |
Sendmail WIZ command enabled, allowing root access. | |||||
CVE-2004-1346 | 1 Sun | 1 Solaris | 2024-02-28 | 2.1 LOW | N/A |
The Sun Solaris Volume Manager (SVM) on Solaris 9 allows local users to cause a denial of service (kernel panic) via a malformed probe request to the SVM. | |||||
CVE-2001-1366 | 1 Netscript Project | 1 Netscript | 2024-02-28 | 5.0 MEDIUM | N/A |
netscript before 1.6.3 parses dynamic variables, which could allow remote attackers to alter program behavior or obtain sensitive information. | |||||
CVE-2004-1383 | 1 Phpgroupware | 1 Phpgroupware | 2024-02-28 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in phpGroupWare 0.9.16.003 and earlier allow remote attackers to execute arbitrary SQL statements via the (1) order, (2) project_id, (3) pro_main, or (4) hours_id parameters to index.php or (5) ticket_id to viewticket_details.php. | |||||
CVE-1999-0842 | 1 Symantec | 1 Mail-gear | 2024-02-28 | 5.0 MEDIUM | N/A |
Symantec Mail-Gear 1.0 web interface server allows remote users to read arbitrary files via a .. (dot dot) attack. | |||||
CVE-2002-1165 | 2 Netbsd, Sendmail | 2 Netbsd, Sendmail | 2024-02-28 | 4.6 MEDIUM | N/A |
Sendmail Consortium's Restricted Shell (SMRSH) in Sendmail 8.12.6, 8.11.6-15, and possibly other versions after 8.11 from 5/19/1998, allows attackers to bypass the intended restrictions of smrsh by inserting additional commands after (1) "||" sequences or (2) "/" characters, which are not properly filtered or verified. | |||||
CVE-2001-0767 | 1 Steve Poulsen | 1 Guildftpd | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in GuildFTPd 0.9.7 allows attackers to list or read arbitrary files and directories via a .. in (1) LS or (2) GET. | |||||
CVE-2001-0949 | 1 Valicert | 1 Enterprise Validation Authority | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflows in forms.exe CGI program in ValiCert Enterprise Validation Authority (EVA) Administration Server 3.3 through 4.2.1 allows remote attackers to execute arbitrary code via long arguments to the parameters (1) Mode, (2) Certificate_File, (3) useExpiredCRLs, (4) listenLength, (5) maxThread, (6) maxConnPerSite, (7) maxMsgLen, (8) exitTime, (9) blockTime, (10) nextUpdatePeriod, (11) buildLocal, (12) maxOCSPValidityPeriod, (13) extension, and (14) a particular combination of parameters associated with private key generation that form a string of a certain length. | |||||
CVE-2001-1171 | 1 Checkpoint | 1 Firewall-1 | 2024-02-28 | 7.2 HIGH | N/A |
Check Point Firewall-1 3.0b through 4.0 SP1 follows symlinks and creates a world-writable temporary .cpp file when compiling Policy rules, which could allow local users to gain privileges or modify the firewall policy. | |||||
CVE-1999-0607 | 1 I-soft | 1 Quikstore | 2024-02-28 | 5.0 MEDIUM | N/A |
quikstore.cgi in QuikStore shopping cart stores quikstore.cfg under the web document root with insufficient access control, which allows remote attackers to obtain the cleartext administrator password and gain privileges. | |||||
CVE-2004-0037 | 1 Opentext | 1 Opentext Firstclass Desktop Client | 2024-02-28 | 7.5 HIGH | N/A |
FirstClass Desktop Client 7.1 allows remote attackers to execute arbitrary commands via hyperlinks in FirstClass RTF messages. | |||||
CVE-1999-1535 | 1 Persits | 1 Aspupload | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in AspUpload.dll in Persits Software AspUpload before 1.4.0.2 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument in the HTTP request. | |||||
CVE-1999-1390 | 1 Debian | 1 Debian Linux | 2024-02-28 | 7.2 HIGH | N/A |
suidexec in suidmanager 0.18 on Debian 2.0 allows local users to gain root privileges by specifying a malicious program on the command line. | |||||
CVE-2002-1055 | 1 Brother | 1 Nc-3100h | 2024-02-28 | 5.0 MEDIUM | N/A |
Buffer overflow in administrative web server for Brother NC-3100h printer allows remote attackers to cause a denial of service via a long password. | |||||
CVE-2002-0410 | 1 Aeromail | 1 Aeromail | 2024-02-28 | 5.0 MEDIUM | N/A |
send_message.php in AeroMail before 1.45 allows remote attackers to read arbitrary files on the server, instead of just uploaded files, via an attachment that modifies the filename to be uploaded. | |||||
CVE-1999-1026 | 1 Sun | 1 Solaris | 2024-02-28 | 7.2 HIGH | N/A |
aspppd on Solaris 2.5 x86 allows local users to modify arbitrary files and gain root privileges via a symlink attack on the /tmp/.asppp.fifo file. |